Debian Project News - April 13th, 2015
Welcome to this year's third issue of DPN, the newsletter for the Debian community. Topics covered in this issue include:
- Jessie coming soon!
- Calls For Help
- Other news
- Upcoming events
- New Debian Contributors
- Release-Critical bugs statistics for the upcoming release
- Important Debian Security Advisories
- New and noteworthy packages
- Work-needing packages
- Want to continue reading DPN?
Niels Thykier of the Debian Release team made the official announcement of a target release date of Saturday 25 April for Debian 8 Jessie! The date although announced is still subject to change for critical issues, but otherwise we are moving into the final stages for release. There will be a quiet period starting Saturday 18 April; all bug fixes must be in before then. There is still time to work on and apply fixes, so don't be shy!
The Debian Installer team announced the second release candidate of the installer for Jessie. Several improvements were made to brltty-udeb, console-setup, and tasksel, among other things. Hardware support is also improved, with the installer providing u-boot binaries for armhf systems without u-boot in flash, and grub2 support for running the 64-bit Linux kernel on a 32-bit EFI. There is full translation for 19 of the 75 languages supported.
Steve McIntyre gave a final update to his UEFI Debian installer work for Jessie to say that all improvements were committed. The latest release candidate works just as well as the test builds.
Ulrike Uhlig detailed quite extensively her work towards improving AppArmor support in Debian, as part of her final report on the latest segment of Debian's involvement in the Outreach Program for Women. She wrote about first starting with AppArmor and her learning curve both with it and with Debian, sharing the maturation process from being uncomfortable at first to later authoring documentation on how others could contribute. Although the internship has ended the work continues as she still plans on contributing as a member of the AppArmor Packaging Team.
Gregor Herrmann gave an update on RC bugs he worked on towards Jessie's release.
Freexian’s Debian Long Term Support report for February 2015 detailed how 58 paid work hours were divided between the four contributors. Ben Hutchings worked on linux-2.6 version 2.6.32-48squeeze11, userland, and security updates. Holger Levsen worked on the security tracker package. Raphaël Hertzog worked mostly on CVE triage with 41 commits to the tracker, a helper script for that process, and a sponsorship of e2fsprogs. Thorsten Alteholz uploaded new versions of php5 (fixing a regression), krb5, unzip, and binutils.
The AppArmor Packaging Team is asking for volunteers and interested parties to please help improve AppArmor support in Debian. They currently need help with documentation and bug reports.
Are you good at graphic design or artwork? There are several projects right now that need artwork such as JuggleMaster which needs icons, the Debian wiki which needs a community icon, and the LTS group which needs a logo.
The Debian Installer team asks for feedback and for help finding bugs and to further improve the installer.
Zlatan Todorić interviewed Laura Arjona as part of a series on FLOSS developers. Laura talked about applying to become a Debian Developer, her future plans in Debian, self-hosting, and administration.
Next in the series was an interview with Francesca Ciceri who shared some history of the non-packaging Debian Developer role, her journey in Debian through various teams, and how she came to be the voice of Debian's diversity.
Stefano Zacchiroli was interviewed by The Setup where he details the equipment and software that a computer researcher and Debian Developer uses for getting the job done. He followed up with a small commentary and thank you.
Following a vote and change to our constitution regarding term limits for Technical Committee members and the manner in which those positions will expire, new appointments were announced for Sam Hartman, Tollef Fog Heen, and Didier Raboud.
A recap of miscellaneous developer news.
- Gitorious and Codehaus will be closing soon. Gitorious will shut down at the end of May and Codehaus will be removing projects from April 2 onwards.
- There is currently a queue of prospective Debian members waiting for Application Managers (AMs). If you would like to help please contact the New Members Front Desk.
- check-all-the-things is a tool to check all of the things related to an unpacked or post-build source package or VCS repository. It will soon be available in experimental and can be checked out from collab-maint git.
- Debian's hardware donations wishlist has moved to the Debian wiki to allow all Debian contributors to add their Debian-related hardware wishlists. If you have a need for hardware to enable your work on Debian, please add an entry to the wiki so that hardware donors can contact you about it.
- There has been a change in how the SSL certificate configuration is organised on debian.org hosts. Going forward, DSA-administered machines do not trust any CA certs and will only trust SSL certs for debian.org services.
There are several upcoming Debian-related events:
- Reminder: Bug Squashing party in Salzburg, Austria, 17-19 April 2015.
- Debian Jessie Release Parties (listed alphabetically)
You can find more information about Debian-related events and talks on the events section of the Debian web site, or subscribe to one of our events mailing lists for different regions: Europe, Netherlands, Hispanic America, North America.
Do you want to organise a Debian booth or a Debian install party? Are you aware of other upcoming Debian-related events? Have you delivered a Debian talk that you want to link on our talks page? Send an email to the Debian Events Team.
1 applicant has been accepted as Debian Maintainer, and 3 people have started to maintain packages since the previous issue of the Debian Project News. Please welcome Leopold Palomo-Avellaneda, Jessie Frazelle, Rodney Dawes, and Tycho Andersen into our project!
According to the Bugs Search interface of the Ultimate Debian Database, the upcoming release, Debian
Jessie, is currently affected by 82 Release-Critical bugs. Ignoring bugs which are easily solved or on the way to being solved, roughly speaking, about 40 Release-Critical bugs remain to be solved for the release to happen.
Debian's Security Team recently released advisories for these packages (among others): mod-gnutls, xen, libssh2, movabletype-opensource, gnupg, ibgcrypt11, nss, icu, freetype, libav, putty, gnutls26, checkpw, tcpdump, libxfont, php5, file, openssl, php5, xerces-c, drupal7, iceweasel, mono, tor, python-django, batik, dulwich, shibboleth-sp2, freexl, openldap, wireshark, icewaesel, icedove, arj, mailman, libgd2, tor, and dpkg. Please read them carefully and take the proper measures.
The Debian team in charge of Squeeze Long Term Support released security update announcements for these packages: libarchive, redcloth, konversation, axis, mod-gnutls, libssh2, libextlib-ruby , putty, tcpdump, gnupg, mono, openssl, tor, tzdata, gnutls26, xerces-c, batik, libxfont, binutils, freetype, mailman, tor, arj, libgd2, libgcrypt11, checkpw, and ntp. Please read them carefully and take the proper measures.
Please note that these are a selection of the more important security advisories of the last weeks. If you need to be kept up to date about security advisories released by the Debian Security Team, please subscribe to the security mailing list (and the separate backports list, stable updates list, and long term support security updates list) for announcements.
66 packages were added to the unstable Debian archive recently. Among many others are:
- afl — instrumentation-driven fuzzer for binary formats
- fw4spl — FrameWork for Software Production Line
- golang-logrus-dev — Logrus: a logging library for Go
- ksmtuned — enables and tunes Kernel Samepage Merging
- pipexec — create a directed graph of processes and pipes
- python-beanbag — Helper module for accessing REST APIs
- rofi — window switcher, run dialog and dmenu replacement
- superkb — Hotkey-based application launcher with on-screen hints
- yubikey-neo-manager — YubiKey NEO management graphical user interface
Please help us create this newsletter. We still need more volunteer writers to watch the Debian community and report about what is going on. Please see the contributing page to find out how to help. We're looking forward to receiving your mail at email@example.com.
To receive this newsletter bi-weekly in your mailbox, subscribe to the debian-news mailing list.
Back issues of this newsletter are available.
This issue of Debian Project News was edited by Cédric Boutillier, Chris, Jean-Pierre Giraud, Donald Norwood, Justin B Rye and and Paul Wise.